Pass redirect_uri fields in POST. Use full URL

Pass in the missing redirect_uri value along with login data. Use the
full URI (complete with request args) as the form's action.

This resolves the error raised when wrong credentials are provided.

1 files changed, 5 insertions, 2 deletions

diff --git a/gn_auth/auth/authentication/oauth2/views.py b/gn_auth/auth/authentication/oauth2/views.py
index 8e2ceef..52f3346 100644
--- a/gn_auth/auth/authentication/oauth2/views.py
+++ b/gn_auth/auth/authentication/oauth2/views.py
@@ -48,13 +48,16 @@ def authorise():
                 "oauth2/authorise-user.html",
                 client=client,
                 scope=client.scope,
-                response_type=request.args["response_type"])
+                response_type=request.args["response_type"],
+                redirect_uri=request.args["redirect_uri"])
 
         form = request.form
         def __authorise__(conn: db.DbConnection) -> Response:
             email_passwd_msg = "Email or password is invalid!"
             redirect_response = redirect(url_for("oauth2.auth.authorise",
-                                                 client_id=client_id))
+                                                 response_type=form["response_type"],
+                                                 client_id=client_id,
+                                                 redirect_uri=form["redirect_uri"]))
             try:
                 email = validate_email(
                     form.get("user:email"), check_deliverability=False)